On the night of Thursday 9 to Friday 10 December 2021, the website of the Brazilian Ministry of Health (Ministério da Saúde) fell victim to ransomware, according to information from . The site was not the only one affected by this security incident: the “ConnectSUS” application containing the certificate of vaccination against Covid-19 was also affected.
50 TB of stolen data?
Therefore, the cyberattack is particularly serious, since it concerns the vaccination data of all Brazilians who have received at least one dose. The “Lapsus $” group, which claimed responsibility for the attack, said it had 50 terabytes (TB) of data pulled from Health Department systems. It threatens to publish them if the ransom is not paid. The amount of the latter is unknown.
The Brazilian Minister of Health, Marcelo Queiroga, tried to calm the situation. He claimed that the government had a backup of data allegedly stolen by hackers. To clarify this incident, the federal police and intelligence services opened an investigation.
Delayed new health regulations
But this cyberattack has immediate consequences: the new health regulations will come into force seven days later than planned. In principle, since Saturday, December 11, unvaccinated travelers from abroad had to quarantine for five days before the resurgence of cases caused by the new Omicron variant. However, affected people can no longer issue a vaccination certificate from the cyberattack.
This is not the first time that the Brazilian healthcare system has been attacked by cybercriminals. In September 2021, the Brazilian Health Regulation Agency (Anvisa) was attacked. A few months earlier, the health data of more than 16 million Covid-19 patients had been exposed online. It was an employee of the Sao Paulo hospital who had uploaded a spreadsheet to GitHub that contained the accesses to the systems involved in the identification of positive cases.
This is nothing new: medical structures are a prime target for hackers. Already because they contain particularly sensitive data, but also because these attacks cause great disorganization in the victim States. During the first wave, Assistance Publique-Hôpitaux de Paris (AP-HP) was the target of a denial of service attack.
Woodmart Theme Nulled, WP Reset Pro, Newspaper 11.2, Newspaper – News & WooCommerce WordPress Theme, Premium Addons for Elementor, Rank Math Seo Pro Weadown, WeaPlay, WordPress Theme, Plugins, PHP Script, Jannah Nulled, Elementor Pro Weadown, Woocommerce Custom Product Ad, Business Consulting Nulled, Jnews 8.1.0 Nulled, Avada 7.4 Nulled, Nulledfire, Dokan Pro Nulled, Yoast Nulled, Flatsome Nulled, PW WooCommerce Gift Cards Pro Nulled, Astra Pro Nulled, Woodmart Theme Nulled, Slider Revolution Nulled, Wordfence Premium Nulled, Elementor Pro Weadown, Wpml Nulled, Consulting 6.1.4 Nulled, Fs Poster Plugin Nulled